friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8826eae394
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaha_5.4.0.1/rzahajce.htm

217 lines
12 KiB
HTML
Raw Normal View History

Add readme and dist folders
2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Java Cryptography Extension" />
<meta name="abstract" content="The Java Cryptography Extension (JCE) 1.2 is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. The JCE implementation on an iSeries server is compatible with the implementation of Sun Microsystems, Inc. This documentation covers the unique aspects of the iSeries implementation." />
<meta name="description" content="The Java Cryptography Extension (JCE) 1.2 is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. The JCE implementation on an iSeries server is compatible with the implementation of Sun Microsystems, Inc. This documentation covers the unique aspects of the iSeries implementation." />
<meta name="DC.Relation" scheme="URI" content="security.htm" />
<meta name="DC.Relation" scheme="URI" content="securmod.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahajssemain.htm" />
<meta name="DC.Relation" scheme="URI" content="jaasbase.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahajgssover.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzahajce" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Java Cryptography Extension</title>
</head>
<body id="rzahajce"><a name="rzahajce"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Java Cryptography Extension</h1>
<div><p>The Java™ Cryptography Extension (JCE) 1.2 is a standard
extension to the Java 2 Software Development Kit (J2SDK), Standard Edition.
The JCE implementation on an iSeries™ server is compatible with the implementation
of Sun Microsystems, Inc. This documentation covers the unique aspects of
the iSeries implementation.</p>
<p>In order to understand this information, you should be familiar with the
general documentation for the JCE extensions. See<a href="http://java.sun.com/products/jce/index-12.html" target="_blank">the Sun JCE documentation</a> for more information about
JCE extensions.</p>
<p><img src="./delta.gif" alt="Start of change" />The IBM<sup>®</sup> JCE Provider supports the following algorithms:<img src="./deltaend.gif" alt="End of change" /></p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 1. Supported algorithms in JDK 1.3 and JDK 1.4.2</caption><thead align="left"><tr valign="bottom"><th valign="bottom" width="18.661971830985916%" id="d0e45">JDK version</th>
<th align="left" valign="bottom" width="27.464788732394368%" id="d0e47">Signature algorithms</th>
<th align="left" valign="bottom" width="53.87323943661971%" id="d0e49">Cipher algorithms </th>
</tr>
</thead>
<tbody><tr><td valign="middle" width="18.661971830985916%" headers="d0e45 ">1.3</td>
<td align="left" valign="middle" width="27.464788732394368%" headers="d0e47 "><p>SHA1withDSA<br />
SHA1withRSA<br />
MD5withRSA<br />
MD2withRSA</p>
</td>
<td align="left" valign="top" width="53.87323943661971%" headers="d0e49 "><p>Blowfish<br />
AES<br />
DES<br />
Triple DES<br />
PBEWithMD2AndDES<br />
PBEWithMD2AndTripleDES<br />
PBEWithMD2AndRC2<br />
PBEWithMD5AndDES<br />
PBEWithMD5AndTripleDES<br />
PBEWithMD5AndRC2<br />
PBEWithSHA1AndDES<br />
PBEWithSHA1AndTripleDES<br />
PBEWithSHA1AndRC2<br />
PBEWithSHAAnd40BitRC2<br />
PBEWithSHAAnd128BitRC2<br />
PBEWithSHAAnd40BitRC4<br />
PBEWithSHAAnd128BitRC4<br />
PBEWithSHAAnd2KeyTripleDES<br />
PBEWithSHAAnd3KeyTripleDES<br />
Mars<br />
RC2<br />
RC4<br />
RSA<br />
Seal</p>
</td>
</tr>
<tr><td valign="middle" width="18.661971830985916%" headers="d0e45 ">1.4.2</td>
<td align="left" valign="middle" width="27.464788732394368%" headers="d0e47 "><p>SHA1withDSA<br />
SHA1withRSA<br />
MD5withRSA<br />
MD2withRSA</p>
</td>
<td align="left" valign="middle" width="53.87323943661971%" headers="d0e49 "><p>Blowfish<br />
AES<br />
DES<br />
Triple DES<br />
PBEWithMD2AndDES<br />
PBEWithMD2AndTripleDES<br />
PBEWithMD2AndRC2<br />
PBEWithMD5AndDES<br />
PBEWithMD5AndTripleDES<br />
PBEWithMD5AndRC2<br />
PBEWithSHA1AndDES<br />
PBEWithSHA1AndTripleDES<br />
PBEWithSHA1AndRC2<br />
PBEWithSHAAnd40BitRC2<br />
PBEWithSHAAnd128BitRC2<br />
PBEWithSHAAnd40BitRC4<br />
PBEWithSHAAnd128BitRC4<br />
PBEWithSHAAnd2KeyTripleDES<br />
PBEWithSHAAnd3KeyTripleDES<br />
Mars<br />
RC2<br />
RC4<br />
RSA<br />
Seal</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 2. Supported algorithms in JDK 1.3 and JDK 1.4.2, continued</caption><thead align="left"><tr valign="bottom"><th valign="bottom" id="d0e80">JDK version</th>
<th valign="bottom" id="d0e82">Message authentication codes (MACs)</th>
<th valign="bottom" id="d0e84">Message digests </th>
<th valign="bottom" id="d0e86">Key agreement algorithms </th>
</tr>
</thead>
<tbody><tr><td valign="middle" headers="d0e80 ">1.3</td>
<td valign="middle" headers="d0e82 "><p>HmacSHA1<br />
HmacMD2<br />
HmacMD5</p>
</td>
<td valign="middle" headers="d0e84 "><p>MD2<br />
MD5<br />
SHA-1</p>
</td>
<td valign="middle" headers="d0e86 ">DiffieHellman</td>
</tr>
<tr><td valign="middle" headers="d0e80 ">1.4.2</td>
<td valign="middle" headers="d0e82 "><p>HmacSHA1<br />
HmacMD2<br />
HmacMD5</p>
</td>
<td valign="middle" headers="d0e84 "><img src="./delta.gif" alt="Start of change" /><p>MD2<br />
MD5<br />
SHA-1<br />
SHA-256<br />
SHA-384<br />
SHA-512</p><img src="./deltaend.gif" alt="End of change" />
</td>
<td valign="middle" headers="d0e86 ">DiffieHellman</td>
</tr>
</tbody>
</table>
</div>
<p>In addition, IBM JCE
Provider also provides a random number generator.</p>
<p>If you want to use IBM JCE with Java 1.3, edit the /QIBM/ProdData/OS400/Java400/jdk/lib/security/java.security
file. The section of the file that needs to be changed is shown as follows.</p>
<pre>#
# To use the IBMJCE security provider, you need to:
# 1) Install an IBM Cryptographic Access Provider Product
# 2) Uncomment the third provider entry that follows.
#
# List of providers and their preference orders:
#
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.rsajca.Provider
#security.provider.3=com.ibm.crypto.provider.IBMJCE </pre>
<p><img src="./delta.gif" alt="Start of change" />There is also a IBMJCEFIPS JCE provider. This provider has been
validated and found to be compliant with Federal Information Processing standard
(FIPS) 140-2, "Security Requirements for Cryptographic Modules."<img src="./deltaend.gif" alt="End of change" /></p>
<div class="p"><img src="./delta.gif" alt="Start of change" />The IBMJCEFIPS JCE provider supports the following algorithms:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 3. Algorithms supported by the IBMJCEFIPS JCE provider</caption><thead align="left"><tr valign="bottom"><th valign="bottom" id="d0e140">Signature algorithms</th>
<th valign="bottom" id="d0e142">Cipher algorithms</th>
<th valign="bottom" id="d0e144">Message authentication codes</th>
<th valign="bottom" id="d0e146">Message digests</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e140 "><p>SHA1withDSA<br />
SHA1withRSA</p>
</td>
<td valign="top" headers="d0e142 "><p>AES<br />
TripleDES<br />
RSA</p>
</td>
<td valign="top" headers="d0e144 ">HmacSHA1</td>
<td valign="top" headers="d0e146 "><p>MD5<br />
SHA-1<br />
SHA-256<br />
SHA-384<br />
SHA-512</p>
</td>
</tr>
</tbody>
</table>
</div>
<img src="./deltaend.gif" alt="End of change" /></div>
<p><img src="./delta.gif" alt="Start of change" />The IBMJCEFIPS JCE provider also supports the IBMSecureRandom
algorithm for random number generation.<img src="./deltaend.gif" alt="End of change" /></p>
<div class="p"><img src="./delta.gif" alt="Start of change" />To use IBMJCEFIPS, you will need to add a symbolic link to your
extension directory by issuing the following command:<pre>ADDLNK OBJ('/QIBM/ProdData/OS400/Java400/ext/ibmjcefips.jar')
NEWLNK(&lt; your extension directory &gt;)</pre>
<img src="./deltaend.gif" alt="End of change" /></div>
<p><img src="./delta.gif" alt="Start of change" />You will also have to add the provider to the list of providers
by either adding an entry in the java.security file (for example, <samp class="codeph">security.provider.4=com.ibm.crypto.fips.provider.IBMJCEFIPS</samp>),
or by using the Security.addProvider() method.<img src="./deltaend.gif" alt="End of change" /></p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="security.htm" title="This topic provides details on adopted authority and explains how you can use SSL to make socket streams secure in your Java application.">Java security</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="securmod.htm" title="You can download Java applets from any system; thus, security mechanisms exist within the Java virtual machine to protect against malicious applets. The Java runtime system verifies the bytecodes as the Java virtual machine loads them. This ensures that they are valid bytecodes and that the code does not violate any of the restrictions that the Java virtual machine places on Java applets.">Java security model</a></div>
<div><a href="rzahajssemain.htm" title="The Java Secure Socket Extension (JSSE) is the Java implementation of the Secure Sockets Layer (SSL) protocol. JSSE uses SSL and the Transport Layer Security (TLS) protocol to enable clients and servers to conduct secure communications over TCP/IP.">Java Secure Socket Extension</a></div>
<div><a href="jaasbase.htm" title="The Java Authentication and Authorization Service (JAAS) is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. J2SDK provides access controls that are based on where the code originated and who signed the code (code source-based access controls). It lacks, however, the ability to enforce additional access controls based on who runs the code. JAAS provides a framework that adds this support to the Java 2 security model.">Java Authentication and Authorization Service</a></div>
<div><a href="rzahajgssover.htm" title="The Java Generic Security Service (JGSS) provides a generic interface for authentication and secure messaging. Under this interface you can plug a variety of security mechanisms based on secret-key, public-key, or other security technologies.">IBM Java Generic Security Service (JGSS)</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink